package com.tosit.bmx.common.filter;


import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.xml.ws.WebFault;
import java.io.IOException;

/**
 * 过滤器，避免考试用户认证成功后操作后台数据
 *
 * @author tsl
 * @create 2018-05-20
 **/
@WebFilter("/p/admin/*")
public class AdminFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        if(!(req.getRequestURL().toString().endsWith("login"))){//排查后台登录界面
            Subject subject = SecurityUtils.getSubject();
            if(subject!=null &&( subject.getSession().getAttribute("muser")==null)){
                request.getRequestDispatcher("/WEB-INF/jsp/admin/login.jsp").forward(request,response);
                request.setAttribute("msg","请以管理员身份登录后操作");
                return;
            }
        }
        chain.doFilter(request, response);
    }
    @Override
    public void destroy() {
    }
}
